[Remote] Senior Cyber Security Analyst, Application & Infrastructure

Note: The job is a remote job and is open to candidates in USA. iRhythm Technologies, Inc. is a leading digital healthcare company focused on advancing cardiac care. They are seeking a motivated cyber security professional to drive application security, threat modeling, and penetration testing for both infrastructure and applications, contributing directly to the security posture of the company.

Responsibilities

• Perform application security assessments across software products, cloud services, and supporting infrastructure
• Provide security input to threat models, including identification of risks, mitigations, and residual risk
• Plan, coordinate, and manage penetration testing activities, including scoping, execution, and remediation tracking
• Review, analyze, and interpret penetration test and vulnerability assessment results
• Partner with IT and engineering teams to validate findings, recommend mitigations, and track remediation to closure
• Support preparation of cybersecurity documentation for regulatory submissions, including FDA 510(k) filings and NIST requirements
• Apply NIST-based cybersecurity frameworks and guidance to application, infrastructure, and product security efforts
• Partner with the Product Security team to align application security practices with product risk management processes
• Contribute technical input to security artifacts such as threat models, vulnerability assessments, and cybersecurity risk documentation
• Collaborate with engineering, quality, and regulatory stakeholders to ensure security requirements are understood and addressed
• Contribute to continuous improvement of application security processes, standards, and documentation
• Assist in responding to internal and external security assessments, audits, and regulatory inquiries related to cybersecurity

Skills

• Bachelor's degree in Computer Science, Information Security, Engineering, or a related field, or equivalent experience
• 8+ years of experience in cybersecurity with a focus on application security, penetration testing, infrastructure security, or product security
• Experience supporting cybersecurity activities in a regulated environment such as medical devices or healthcare technology
• Demonstrated experience working with NIST cybersecurity standards and frameworks
• Experience supporting or contributing to FDA regulatory submissions, including 510(k) documentation, from a cybersecurity perspective
• Strong application security testing and vulnerability assessment skills
• Hands-on experience managing and interpreting penetration testing activities
• Working knowledge of secure software development practices and threat modeling methodologies
• Ability to communicate security risks and recommendations clearly to technical and non-technical stakeholders
• Strong project management, analytical, documentation, and problem-solving skills

Company Overview

Company H1B Sponsorship